CVE-2014-3341: Infoleak
First published: Tue Aug 19 2014(Updated: )
The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 and 6000 devices provides different error messages for invalid requests depending on whether the VLAN ID exists, which allows remote attackers to enumerate VLANs via a series of requests, aka Bug ID CSCup85616.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco NX-OS | <=7.0\(3\)n1\(1\) | |
| Cisco NX-OS | =5.0\(2\)n1\(1\) | |
| Cisco NX-OS | =5.0\(2\)n2\(1\) | |
| Cisco NX-OS | =5.0\(2\)n2\(1a\) | |
| Cisco NX-OS | =5.0\(3\)n1\(1c\) | |
| Cisco NX-OS | =5.0\(3\)n2\(1\) | |
| Cisco NX-OS | =5.0\(3\)n2\(2\) | |
| Cisco NX-OS | =5.0\(3\)n2\(2a\) | |
| Cisco NX-OS | =5.0\(3\)n2\(2b\) | |
| Cisco NX-OS | =5.1\(3\)n1\(1\) | |
| Cisco NX-OS | =5.1\(3\)n1\(1a\) | |
| Cisco NX-OS | =5.1\(3\)n2\(1\) | |
| Cisco NX-OS | =5.1\(3\)n2\(1a\) | |
| Cisco NX-OS | =5.1\(3\)n2\(1b\) | |
| Cisco NX-OS | =5.1\(3\)n2\(1c\) | |
| Cisco NX-OS | =5.2\(1\)n1\(1\) | |
| Cisco NX-OS | =5.2\(1\)n1\(1a\) | |
| Cisco NX-OS | =5.2\(1\)n1\(1b\) | |
| Cisco NX-OS | =5.2\(1\)n1\(2\) | |
| Cisco NX-OS | =5.2\(1\)n1\(2a\) | |
| Cisco NX-OS | =5.2\(1\)n1\(3\) | |
| Cisco NX-OS | =5.2\(1\)n1\(4\) | |
| Cisco NX-OS | =5.2\(1\)n1\(5\) | |
| Cisco NX-OS | =5.2\(1\)n1\(6\) | |
| Cisco NX-OS | =5.2\(1\)n1\(7\) | |
| Cisco NX-OS | =5.2\(1\)n1\(8\) | |
| Cisco NX-OS | =5.2\(1\)n1\(8a\) | |
| Cisco NX-OS | =6.0\(2\)n1\(2\) | |
| Cisco NX-OS | =6.0\(2\)n1\(2a\) | |
| Cisco NX-OS | =6.0\(2\)n2\(1\) | |
| Cisco NX-OS | =6.0\(2\)n2\(1b\) | |
| Cisco NX-OS | =6.0\(2\)n2\(2\) | |
| Cisco NX-OS | =6.0\(2\)n2\(3\) | |
| Cisco NX-OS | =6.0\(2\)n2\(4\) | |
| Cisco NX-OS | =6.0\(2\)n2\(5\) | |
| Cisco NX-OS | =7.0\(0\)n1\(1\) | |
| Cisco NX-OS | =7.0\(1\)n1\(1\) | |
| Cisco NX-OS | =7.0\(2\)n1\(1\) | |
| Cisco Nexus 5000 firmware | ||
| Cisco Nexus 5010 | ||
| Cisco Nexus 5010 | ||
| Cisco Nexus 5020 | ||
| Cisco Nexus 5020p Switch | ||
| Cisco Nexus 5548P Firmware | ||
| Cisco Nexus 5548UP Firmware | ||
| Cisco Nexus 5596T Firmware | ||
| Cisco Nexus 5596UP Firmware | ||
| Cisco 56128p | ||
| Cisco Nexus 5672UP-16G | ||
| Cisco Nexus 6001 Firmware | ||
| Cisco Nexus 6004 Firmware | ||
| Cisco Nexus 6004X Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-3341?
CVE-2014-3341 is considered a medium severity vulnerability that allows attackers to enumerate VLANs.
How do I fix CVE-2014-3341?
To fix CVE-2014-3341, upgrade Cisco NX-OS to a version that is later than 7.0(3)N1(1).
What types of devices are affected by CVE-2014-3341?
CVE-2014-3341 affects Cisco Nexus 5000 and 6000 series devices running vulnerable versions of NX-OS.
Can CVE-2014-3341 be exploited remotely?
Yes, CVE-2014-3341 can be exploited remotely by attackers sending specific SNMP requests.
What is the impact of CVE-2014-3341 on network security?
The impact of CVE-2014-3341 is that it allows unauthorized users to gather information about VLAN configurations, which can lead to further attacks.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/author
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco nx-os
- version/cisco nx-os/7.0\(3\)n1\(1\)
- version/cisco nx-os/5.0\(2\)n1\(1\)
- version/cisco nx-os/5.0\(2\)n2\(1\)
- version/cisco nx-os/5.0\(2\)n2\(1a\)
- version/cisco nx-os/5.0\(3\)n1\(1c\)
- version/cisco nx-os/5.0\(3\)n2\(1\)
- version/cisco nx-os/5.0\(3\)n2\(2\)
- version/cisco nx-os/5.0\(3\)n2\(2a\)
- version/cisco nx-os/5.0\(3\)n2\(2b\)
- version/cisco nx-os/5.1\(3\)n1\(1\)
- version/cisco nx-os/5.1\(3\)n1\(1a\)
- version/cisco nx-os/5.1\(3\)n2\(1\)
- version/cisco nx-os/5.1\(3\)n2\(1a\)
- version/cisco nx-os/5.1\(3\)n2\(1b\)
- version/cisco nx-os/5.1\(3\)n2\(1c\)
- version/cisco nx-os/5.2\(1\)n1\(1\)
- version/cisco nx-os/5.2\(1\)n1\(1a\)
- version/cisco nx-os/5.2\(1\)n1\(1b\)
- version/cisco nx-os/5.2\(1\)n1\(2\)
- version/cisco nx-os/5.2\(1\)n1\(2a\)
- version/cisco nx-os/5.2\(1\)n1\(3\)
- version/cisco nx-os/5.2\(1\)n1\(4\)
- version/cisco nx-os/5.2\(1\)n1\(5\)
- version/cisco nx-os/5.2\(1\)n1\(6\)
- version/cisco nx-os/5.2\(1\)n1\(7\)
- version/cisco nx-os/5.2\(1\)n1\(8\)
- version/cisco nx-os/5.2\(1\)n1\(8a\)
- version/cisco nx-os/6.0\(2\)n1\(2\)
- version/cisco nx-os/6.0\(2\)n1\(2a\)
- version/cisco nx-os/6.0\(2\)n2\(1\)
- version/cisco nx-os/6.0\(2\)n2\(1b\)
- version/cisco nx-os/6.0\(2\)n2\(2\)
- version/cisco nx-os/6.0\(2\)n2\(3\)
- version/cisco nx-os/6.0\(2\)n2\(4\)
- version/cisco nx-os/6.0\(2\)n2\(5\)
- version/cisco nx-os/7.0\(0\)n1\(1\)
- version/cisco nx-os/7.0\(1\)n1\(1\)
- version/cisco nx-os/7.0\(2\)n1\(1\)
- canonical/cisco nexus 5000 firmware
- canonical/cisco nexus 5010
- canonical/cisco nexus 5020
- canonical/cisco nexus 5020p switch
- canonical/cisco nexus 5548p firmware
- canonical/cisco nexus 5548up firmware
- canonical/cisco nexus 5596t firmware
- canonical/cisco nexus 5596up firmware
- canonical/cisco 56128p
- canonical/cisco nexus 5672up-16g
- canonical/cisco nexus 6001 firmware
- canonical/cisco nexus 6004 firmware
- canonical/cisco nexus 6004x firmware